LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2011-2723 CVE-2011-2928 CVE-2011-3188 CVE-2011-3191
Created:September 9, 2011 Updated:November 28, 2011
Description: From the Debian advisory:

CVE-2011-2723: Brent Meshier reported an issue in the GRO (generic receive offload) implementation. This can be exploited by remote users to create a denial of service (system crash) in certain network device configurations.

CVE-2011-2928: Timo Warns discovered that insufficient validation of Be filesystem images could lead to local denial of service if a malformed filesystem image is mounted.

CVE-2011-3188: Dan Kaminsky reported a weakness of the sequence number generation in the TCP protocol implementation. This can be used by remote attackers to inject packets into an active session.

CVE-2011-3191: Darren Lavender reported an issue in the Common Internet File System (CIFS). A malicious file server could cause memory corruption leading to a denial of service.

Alerts:
SUSE SUSE-SU-2011:1319-2 2011-12-14
SUSE SUSE-SU-2011:1319-1 2011-12-13
SUSE SUSE-SA:2011:046 2011-12-13
Oracle ELSA-2011-1465 2011-11-28
Oracle ELSA-2011-2033 2011-11-28
Oracle ELSA-2011-2033 2011-11-28
Scientific Linux SL-kern-20111122 2011-11-22
Red Hat RHSA-2011:1465-01 2011-11-22
Ubuntu USN-1256-1 2011-11-09
openSUSE openSUSE-SU-2011:1222-1 2011-11-08
openSUSE openSUSE-SU-2011:1221-1 2011-11-08
Red Hat RHSA-2011:1419-01 2011-11-01
SUSE SUSE-SA:2011:042 2011-10-28
SUSE SUSE-SU-2011:1195-1 2011-10-28
Ubuntu USN-1246-1 2011-10-25
Ubuntu USN-1245-1 2011-10-25
Ubuntu USN-1243-1 2011-10-25
Ubuntu USN-1242-1 2011-10-25
Ubuntu USN-1241-1 2011-10-25
Ubuntu USN-1240-1 2011-10-25
Ubuntu USN-1239-1 2011-10-25
Scientific Linux SL-kern-20111020 2011-10-20
Ubuntu USN-1236-1 2011-10-20
CentOS CESA-2011:1386 2011-10-21
Red Hat RHSA-2011:1386-01 2011-10-20
SUSE SUSE-SA:2011:041 2011-10-17
Ubuntu USN-1228-1 2011-10-12
Ubuntu USN-1227-1 2011-10-11
SUSE SUSE-SU-2011:1101-1 2011-10-10
SUSE SUSE-SU-2011:1100-1 2011-10-10
Fedora FEDORA-2011-12874 2011-09-18
Scientific Linux SL-kern-20111005 2011-10-05
Red Hat RHSA-2011:1350-01 2011-10-05
Fedora FEDORA-2011-13809 2011-10-05
Ubuntu USN-1225-1 2011-10-04
Ubuntu USN-1220-1 2011-09-29
Ubuntu USN-1219-1 2011-09-29
Ubuntu USN-1218-1 2011-09-29
Ubuntu USN-1216-1 2011-09-26
Debian DSA-2310-1 2011-09-22
Red Hat RHSA-2011:1321-01 2011-09-20
SUSE SUSE-SU-2011:1058-1 2011-09-21
SUSE SUSE-SA:2011:040 2011-09-20
Ubuntu USN-1208-1 2011-09-14
Ubuntu USN-1203-1 2011-09-13
Debian DSA-2303-2 2011-09-10
Debian DSA-2303-1 2011-09-08
Ubuntu USN-1253-1 2011-11-08
Red Hat RHSA-2012:0010-01 2012-01-10
openSUSE openSUSE-SU-2012:0206-1 2012-02-09
openSUSE openSUSE-SU-2012:0236-1 2012-02-09
Oracle ELSA-2012-0150 2012-03-07
SUSE SUSE-SU-2012:0364-1 2012-03-14
SUSE SUSE-SU-2012:0736-1 2012-06-14
openSUSE openSUSE-SU-2012:0799-1 2012-06-28
openSUSE openSUSE-SU-2012:1439-1 2012-11-05
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds